authorunknown <igor@olga.mysql.com>2007-06-07 22:35:31 -0700
committerunknown <igor@olga.mysql.com>2007-06-07 22:35:31 -0700
commitd8e2f2622d29fb3c198d4895a1a06e2e61be476d (patch)
tree2a76805a546bc4b9f809a7c3f38b61c28eed1e6a
parent88d5c0146b78ddee5816fc256e9b2b0635df2445 (diff)
downloadmariadb-git-d8e2f2622d29fb3c198d4895a1a06e2e61be476d.tar.gz
Fixed bug #28811: crash for a query containing a subquery with
ORDER BY and LIMIT 1. The bug was introduced by the patch for bug 21727. The patch erroneously skipped initialization of the array of headers for sorted records for non-first evaluations of the subquery. To fix the problem a new parameter has been added to the function make_char_array that performs the initialization. Now this function is called for any invocation of the filesort procedure. Yet it allocates the buffer for sorted records only if this parameter is NULL. mysql-test/r/subselect.result: Added a test case for bug #28811. mysql-test/t/subselect.test: Added a test case for bug #28811.
-rw-r--r--mysql-test/r/subselect.result26
-rw-r--r--mysql-test/t/subselect.test32
-rw-r--r--sql/filesort.cc19
3 files changed, 69 insertions, 8 deletions
diff --git a/mysql-test/r/subselect.result b/mysql-test/r/subselect.result
index 38f6e2d10e3..efd6a5ab572 100644
--- a/mysql-test/r/subselect.result
+++ b/mysql-test/r/subselect.result
@@ -4080,4 +4080,30 @@ id select_type table type possible_keys key key_len ref rows Extra
Warnings:
Note 1003 select `res`.`count(*)` AS `count(*)` from (select count(0) AS `count(*)` from `test`.`t1` group by `test`.`t1`.`a`) `res`
DROP TABLE t1;
+CREATE TABLE t1 (
+a varchar(255) default NULL,
+b timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
+INDEX idx(a,b)
+);
+CREATE TABLE t2 (
+a varchar(255) default NULL
+);
+INSERT INTO t1 VALUES ('abcdefghijk','2007-05-07 06:00:24');
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO `t1` VALUES ('asdf','2007-02-08 01:11:26');
+INSERT INTO `t2` VALUES ('abcdefghijk');
+INSERT INTO `t2` VALUES ('asdf');
+SET session sort_buffer_size=8192;
+SELECT (SELECT 1 FROM t1 WHERE t1.a=t2.a ORDER BY t1.b LIMIT 1) AS d1 FROM t2;
+d1
+1
+1
+DROP TABLE t1,t2;
End of 5.0 tests.
diff --git a/mysql-test/t/subselect.test b/mysql-test/t/subselect.test
index 33e58fe0c32..12688fa4cf4 100644
--- a/mysql-test/t/subselect.test
+++ b/mysql-test/t/subselect.test
@@ -2913,4 +2913,36 @@ SELECT * FROM (SELECT count(*) FROM t1 GROUP BY a) as res;
DROP TABLE t1;
+#
+# Bug #28811: crash for query containing subquery with ORDER BY and LIMIT 1
+#
+
+CREATE TABLE t1 (
+ a varchar(255) default NULL,
+ b timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
+ INDEX idx(a,b)
+);
+CREATE TABLE t2 (
+ a varchar(255) default NULL
+);
+
+INSERT INTO t1 VALUES ('abcdefghijk','2007-05-07 06:00:24');
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO `t1` VALUES ('asdf','2007-02-08 01:11:26');
+INSERT INTO `t2` VALUES ('abcdefghijk');
+INSERT INTO `t2` VALUES ('asdf');
+
+SET session sort_buffer_size=8192;
+
+SELECT (SELECT 1 FROM t1 WHERE t1.a=t2.a ORDER BY t1.b LIMIT 1) AS d1 FROM t2;
+
+DROP TABLE t1,t2;
+
--echo End of 5.0 tests.
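Review bot: `SET session sort_buffer_size=8192;` is never undone in this test case, so any test later appended to subselect.test on the same connection will also run with the reduced sort buffer. I would add `SET session sort_buffer_size=default;` after the `DROP TABLE t1,t2;` line, with the matching line in subselect.result. A short comment above the SET saying that the small buffer is what forces the code path from bug #28811 would also help, since the reason for the value is not otherwise visible in the test.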
diff --git a/sql/filesort.cc b/sql/filesort.cc
index a4bf04a6786..d518ddbb117 100644
--- a/sql/filesort.cc
+++ b/sql/filesort.cc
@@ -35,7 +35,8 @@ if (my_b_write((file),(byte*) (from),param->ref_length)) \
/* functions defined in this file */
-static char **make_char_array(register uint fields, uint length, myf my_flag);
+static char **make_char_array(char **old_pos, register uint fields,
+ uint length, myf my_flag);
static BUFFPEK *read_buffpek_from_file(IO_CACHE *buffer_file, uint count);
static ha_rows find_all_keys(SORTPARAM *param,SQL_SELECT *select,
uchar * *sort_keys, IO_CACHE *buffer_file,
@@ -202,9 +203,9 @@ ha_rows filesort(THD *thd, TABLE *table, SORT_FIELD *sortorder, uint s_length,
ulong old_memavl;
ulong keys= memavl/(param.rec_length+sizeof(char*));
param.keys=(uint) min(records+1, keys);
- if (table_sort.sort_keys ||
- (table_sort.sort_keys= (uchar **) make_char_array(param.keys, param.rec_length,
- MYF(0))))
+ if ((table_sort.sort_keys=
+ (uchar **) make_char_array((char **) table_sort.sort_keys,
+ param.keys, param.rec_length, MYF(0))))
break;
old_memavl=memavl;
if ((memavl=memavl/4*3) < min_sort_memory && old_memavl > min_sort_memory)
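Review bot: A cached `table_sort.sort_keys` buffer is now handed to make_char_array together with the current `param.keys` and `param.rec_length`, but nothing in this hunk checks that the buffer was allocated for at least `param.keys*(param.rec_length+sizeof(char*))` bytes. If a later evaluation of the subquery can compute a larger key count or record length than the one in effect at the first allocation (nothing visible here rules that out), the pointer-initialisation loop in make_char_array (last hunk) would write past the end of the heap block. I would record the allocated size next to the buffer and drop the buffer when it is too small, e.g. `if (table_sort.sort_keys && needed > table_sort.ALLOCATED_SIZE_PLACEHOLDER) { /* free buffer, set sort_keys to NULL */ }` before this call, where the field name is a placeholder. The retry loop and filesort() itself start and end outside the hunk, so an existing guard elsewhere cannot be excluded from this view.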
@@ -346,14 +347,16 @@ void filesort_free_buffers(TABLE *table, bool full)
/* Make a array of string pointers */
-static char **make_char_array(register uint fields, uint length, myf my_flag)
+static char **make_char_array(char **old_pos, register uint fields,
+ uint length, myf my_flag)
{
register char **pos;
- char **old_pos,*char_pos;
+ char *char_pos;
DBUG_ENTER("make_char_array");
- if ((old_pos= (char**) my_malloc((uint) fields*(length+sizeof(char*)),
- my_flag)))
+ if (old_pos ||
+ (old_pos= (char**) my_malloc((uint) fields*(length+sizeof(char*)),
+ my_flag)))
{
pos=old_pos; char_pos=((char*) (pos+fields)) -length;
while (fields--) *(pos++) = (char_pos+= length);
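Review bot: The header comment `/* Make a array of string pointers */` no longer describes the contract, because with a non-NULL `old_pos` the function allocates nothing and re-initialises `fields` pointers inside the caller's buffer. The size requirement on that buffer is implicit and unchecked, so it should at least be stated where callers will read it. I would replace the comment with `/* Make an array of string pointers. A non-NULL old_pos is reused and must hold at least fields*(length+sizeof(char*)) bytes; otherwise a new buffer is allocated with my_flag. */`. The function body continues past the end of the hunk.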